November 12, 2013

When it comes to gratifying the digital sweet tooth, Google is one company that you can safely depend on.

After treating Android users to a series of desserts and sugary treats, it has now given them a KitKat to munch on. Also known as Android 4.4, the newest version of Google’s immensely popular mobile operating system was greeted by some pretty big expectations, security being one of them. The open source platform is not exactly known for its flawless security protocols, though that hardly kept the Android enthusiasts from hoping for a secure and bug-free KitKat. Now that the highly-anticipated version of the popular mobile operating system is out, it has become obvious that Google has wasted yet another opportunity to bolster the defenses of its platform.

No deeper integration of Cloud Storage service with Android

Google found itself in hot water following the revelation of National Security Agency’s PRISM program and the agency’s supposed access to all the data stored on the Cloud Storage platform. However, the company responded by applying a 128-bit advanced encryption standard to the storage platform, thus making the data on it safe from snoopers such as hackers and maybe even the government agencies. Unlike iOS devices, where the iCloud is deeply integrated with the operating system, Android has yet to derive the maximum benefit out of a much-more secure Cloud Storage platform. Google could have assigned its storage service a bigger and more significant role in KitKat so that Android users could have their data encrypted and, consequently, safe from prying eyes. Unfortunately, it did not do anything of the sort, thus leaving users’ data as unsecure as ever

The notable absence of application verifier feature

Google Play Store isn’t exactly known for its huge collection of safe apps. Unlike Apple, which thoroughly scrutinizes every app before allowing it on App Store and removing it promptly if it is reported as suspicious, Google has a pretty relaxed attitude as far as the filtering of apps and security of its marketplace is concerned. The company has introduced a much-needed application verification feature in Nexus 7, which lets Google determine if the app is safe. If it is not, the user is warned not to install it and, in some cases, the installation may be blocked completely. Google could have included the feature in KitKat to give users a better chance of protecting their cell phones against malicious apps. Strangely, the feature was nowhere to be seen

Developers’ privileges continue to be a threat

The open-source nature of Android allows developers to enjoy a great deal of freedom, which is generally perceived as a positive thing. However, Google definitely needed to snip this freedom just a little so as to reduce its abuse by those involved in making malware such as Android spy apps.

For instance, developers should no longer be given the privilege to hide app icons on an unrooted Android. A considerable number of malicious apps are heavily reliant on their ability to stay hidden in order to carry out their intended function.

Restricting access to the category dealing with icon visibility may have made the detection and consequently removal of malware more convenient. However, it seems that Google didn’t think so and, therefore, saw no reason to trim the privileges that it has granted to the developers.

Google had made its intentions with KitKat very clear. It wanted the new version of its mobile operating system to deliver an amazing Android experience and at the same time, make it available for everyone.

The ‘available to everyone’ part, however, cast some doubt on its defenses. In order to get the upcoming Android version to work on nearly every hardware, even the outdated ones with a RAM of 512 or less, a compromise on various features, including security

protocols, may have been made. It is still too early to say if Google is avoiding security in a bid to boost convenience. If that is the case, then Google may have very well shot itself in the foot.

Natalia David has written about the latest trends and news-worthy events in the tech world. Her readers not only enjoy her articles but also benefit from them. She can be reached @NataliaDavid4